itman

On this regard, I found IE11's popup blocker disabled after a screen locker like scam incident. It also took a bit of "finagling" to reenable it. I am still trying to figure out how the attacker could disable the popup blocker.

Eset appears to be blocking inbound mail from "mailer01.telemar.org." Note that the posted rejection notice from telemar.org states "This is the mail system at mailer03.telemar.org." Perhaps this is some type of domain routing issue?

I am curious about the "Eset form" you mentioned. Where did this appear from? Was it a popup from your browser for example? In any case, you were obviously redirected to some scam web site. The thing to be established is how this happened. I don't believe the "form" you mentioned was generated from the existing Eset installation GUI. For future reference in the U.S., you should always renew from this web site: https://www.eset.com/us/renew/

Below screen shot is for Internet Security but believe the GUI option is the same in EAV an EIS:

As far as Eset's authorized partner in India, it is Technobind; not Sakri: Technobind Solutions Pvt Ltd No.19, Amar Plaza, Krishna Nagar Industrial Area, Hosur Road Koramangala, Bangalore 560029, India Office Phone: +918042154512 Web: www.technobind.com I would contact them directly about your purchase issues.

What Eset product are you specifically referring to? You posted in the Internet & Smart Security forum section. What issues are you having? As far as refunds go, that is something you will have to discuss with Eset - USA. I assume this is whom you purchased the software from. Their contact information is here: https://www.eset.com/us/about/contact/

I think that is a good assumption. On my Win 10 build for example, ntoskrnl.exe was updated as a result of the 4/9 cumulative update. Whether the file deleted in C:\Windows\WinSxS\Temp could cause a blue screen is debatable. The only way I see this happening is if C:\Windows\System32\ntosknrl.exe was deleted in the Win Updating processing and the file in C:\Windows\WinSxS\Temp was its replacement. Since Win Updating is performed in isolated off-line fashion, I really don't see how Eset in any fashion could have deleted the file prior to full completion of Win Updating processing. However Win Updating on Win 7 is "pretty primitive" compared to that done on Win 10, so anything in this regard is possible.

How did you do this? The Eset GUI will alert that a value of "0" is an invalid value.

On the Win 10 desktop toolbar, click on the up arrow sign located on the right hand side. This will show all hidden icons. Then drag the Eset icon down to the desktop toolbar; best place is preceding the Windows Security Center icon. From this point on, the icon should show on the desktop tool bar at system boot time.

What I read on the web is that directory is used by both installers and Win Updates as basically a work directory during their respective processing. Also, both are supposedly responsible for cleanup; i.e. deletion of files in that directory. Note that the last Win 7 cumulative update was pretty much a mess for a lot a devices. You will have to submit those files to Eset for analysis before a definitive verdict can be rendered if they are truly malicious.

The only files I have in that directory on Win 10 are .xml and .cdf-ms files.

ASUS Updates Security Certificates of Motherboards, Graphics Cards, Mini PCs, Workstations and Servers https://www.techpowerup.com/254629/asus-updates-security-certificates-of-motherboards-graphics-cards-mini-pcs-workstations-and-servers

As I recollect, it has been a while since I was using Win 7, Eset's splash screen was a bit irratic in its display. Since I have been on Win 10, the splash screen in the last couple of Eset vers. has always appeared after Windows Security Center initializes at system boot time. It's display at sign-on time after prior sign-off is a bit irratic; sometimes it shows; sometimes not. What @cyberhash stated is applicable especially on Win 7. That is in a slow boot initialization with absence of Windows Security Center, Eset has fully initialized prior to the desktop appearing. Hence the lack of the splash screen.

Error code 1923 from an installer usually is indicative of a permissions issue; usually installation of Win services. You are installing Eset while logged on as a limited admin?

Here's an Eset knowledgebase article on the subject: https://support.eset.com/kb2915/?locale=en_US&viewlocale=en_US You should have paid attention to the option to "Save scan logs." That would have enabled you to refer to the log where the source location for the quarantined file was located. Additionally , the Quarantine section would have also shown the source location for the file. At this point, it appears your only option is to perform manual searching in directories where the installer was initially downloaded to; most likely C:\Users\xxxxx\Downloads directory.